Routing Mechanism in PCI Multi-Host Topologies Using Destination ID Field

ABSTRACT

Method and system for address routing in a distributed computing system, such as a distributed computing system that uses PCI Express protocol to communicate over an I/O fabric. A destination identifier is provided to identify a physical or virtual host or end point. When a physical or virtual host or end point receives a PCI data packet it compares a list of source identifiers with destination identifiers to determine if a source identifier included in the transaction packet is associated with a destination identifier included in the transaction packet to determine if the transaction packet has a valid association. If the transaction packet has a valid association, it is routed to the target device. The present invention enables each host that attaches to PCI bridges or switches and shares a set of common PCI devices to have its own PCI 64-bit address space and enables the routing of PCI transaction packets between multiple hosts and adapters, through a PCI switched-fabric bus using a destination identifier.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates generally to the data processing field, and more particularly, to communication between a host computer and an input/output (I/O) Adapter through an I/O fabric, wherein the I/O fabric is attached to more than one root node and wherein each root can potentially share with other roots the I/O adapter (IOA). The invention pertains to a method and related apparatus for routing PCI transaction packets between multiple hosts and adapters, through a PCI switched-fabric bus using a destination identifier.

2. Description of the Related Art

PCI (Peripheral Component Interconnect) Express is widely used in computer systems to interconnect host units to adapters or other components, by means of a PCI switched-fabric bus or the like. However, currently, PCI Express does not permit sharing of PCI adapters in topologies where there are Multiple Hosts with Multiple Shared PCI busses. Support for this type of function can be very valuable on blade clusters and on other clustered servers. Currently, PCI Express and secondary network (e.g. FC, IB, Enet) adapters are integrated into blades and server systems, and cannot be shared between clustered blades or even between multiple roots within a clustered system. For blade environments, it can be very costly to dedicate these network adapters to each blade. For example, the current cost of a 10 Gigabit Ethernet adapter is in the $6000 range. The inability to share these expensive adapters between blades has contributed to the slow adoption rate of some new network technologies (e.g. 10 Gigabit Ethernet). In addition, there is a constraint in space available in blades for PCI adapters.

In order to allow virtualization of PCI adapters in the above environment, a mechanism is required for routing memory mapped I/O (MMIO) packets from a host to an adapter, and also for routing direct memory access (DMA) packets from an adapter to a selected host. The mechanism must be designed so that it protects memory and data in the system image of one host from being accessed by unauthorized applications in system images of other hosts.

It would, accordingly, be desirable to provide an address routing mechanism for a distributed computing system, for example, a distributed computing system that uses PCI Express protocol to communicate over an I/O fabric, and that enables each host that attaches to PCI switches and shares a set of common PCI devices to have it's own PCI 64-bit address space.

SUMMARY OF THE INVENTION

The present invention provides a method and system for address routing in a distributed computing system, such as a distributed computing system that uses PCI Express protocol to communicate over an I/O fabric. A destination identifier is provided in a transaction packet to identify a physical or virtual host or end point. When a physical or virtual host or end point receives the transaction packet it compares a list of source identifiers with destination identifiers to determine if a source identifier included in the transaction packet is associated with the destination identifier included in the transaction packet to determine if the transaction packet has a valid association. If the transaction packet has a valid association, it is routed to the target device. The present invention enables each host that attaches to PCI bridges or switches and shares a set of common PCI devices to have its own PCI 64-bit address space. One useful embodiment of the invention is directed to a method for routing packets through PCI switches in a distributed computing system comprising multiple root nodes, wherein each root node includes one or more hosts.

BRIEF DESCRIPTION OF THE DRAWINGS

The novel features believed characteristic of the invention are set forth in the appended claims. The invention itself, however, as well as a preferred mode of use, further objectives and advantages thereof, will best be understood by reference to the following detailed description of an illustrative embodiment when read in conjunction with the accompanying drawings, wherein:

FIG. 1 is a block diagram that illustrates a distributed computing system according to an exemplary embodiment of the present invention;

FIG. 2 is a block diagram that illustrates an exemplary logical partitioned platform in which the present invention may be implemented;

FIG. 3 is a diagram that illustrates a multi-root computing system interconnected through multiple bridges or switches according to an exemplary embodiment of the present invention;

FIG. 4 is a diagram that schematically illustrates a Destination ID Validation Table and a Destination ID Routing Table and their association with a PCI Express packet according to an exemplary embodiment of the present invention;

FIG. 5 is a diagram that schematically illustrates two examples of a PCI Express transaction according to an exemplary embodiment of the present invention;

FIG. 6 illustrates a PCI configuration header according to an exemplary embodiment of the present invention;

FIG. 7 is a diagram that schematically illustrates the operation of a Memory to Destination ID Translation Table according to an exemplary embodiment of the present invention; and

FIG. 8 is a flowchart that illustrates a method for address routing in a distributed computing system that uses PCI Express protocol to communicate over an I/O fabric according to an exemplary embodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

The present invention applies to any general or special purpose computing system where multiple root complexes (RCs) are sharing a pool of Input/Output Adapters (IOAs) through a common I/O fabric. More specifically, the exemplary embodiments described herein detail a data routing mechanism when the I/O fabric uses PCI Express protocol.

With reference now to the figures and in particular with reference to FIG. 1, a block diagram of a distributed computing system is depicted according to an exemplary embodiment of the present invention. The distributed computing system is generally designated by reference number 100 and takes the form of two or more Root Complexes (RCs), five RCs 108, 118, 128, 138 and 139 being provided in the exemplary embodiment illustrated in FIG. 1. RCs 108, 118, 128, 138 and 139 are attached to an I/O fabric 144 through I/O links 110, 120, 130, 142, and 143, respectively; and are connected to memory controllers 104, 114, 124 and 134 of root nodes (RNs) 160, 161, 162 and 163, through links 109, 119, 129, 140 and 141, respectively. I/O fabric 144 is attached to IOAs 145, 146, 147, 148, 149 and 150 through links 151, 152, 153, 154, 155, 156, 157 and 158. The IOAs may be single function IOAs, such as IOAs 145, 146 and 149; or multiple function IOAs, such as IOAs 147, 148 and 150. Further, the IOAs may be connected to I/O fabric 144 via single links as in IOAs 145, 146, 147 and 148; or with multiple links for redundancy as in 149 and 150.

RCs 108, 118, 128, 138 and 139 are each part of one of Root Nodes (RNs) 160, 161, 162 and 163. There may be one RC per RN as in the case of RNs 160, 161 and 162, or more than one RC per RN as in the case of RN 163. In addition to the RCs, each RN includes one or more Central Processing Units (CPUs) 101-102, 111-112, 121-122 and 131-132; memory 103, 113, 123 and 133; and memory controller 104, 114, 124 and 134 which connects the CPUs, memory, and I/O RCs, and performs such functions as handling the coherency traffic for the memory.

RNs may be connected together at their memory controllers, as illustrated by connection 159 connecting RNs 160 and 161, to form one coherency domain which may act as a single Symmetric Multi-Processing (SMP) system, or may be independent nodes with separate coherency domains as in RNs 162 and 163.

Configuration manager 164 may be attached separately to I/O fabric 144 as shown in FIG. 1, or may be part of one of RNs 160-163. Configuration manager 164 configures the shared resources of the I/O fabric and assigns resources to the RNs.

Distributed computing system 100 may be implemented using various commercially available computer systems. For example, distributed computing system 100 may be implemented using an IBM eServer iSeries Model 840 system available from International Business Machines Corporation, Armonk, N.Y. Such a system may support logical partitioning using an OS/400 operating system, which is also available from International Business Machines Corporation.

Those of ordinary skill in the art will appreciate that the hardware depicted in FIG. 1 may vary. For example, other peripheral devices, such as optical disk drives and the like, also may be used in addition to or in place of the hardware depicted. The depicted example is not meant to imply architectural limitations with respect to the present invention.

With reference now to FIG. 2, a block diagram of an exemplary logical partitioned platform is depicted in which the present invention may be implemented. The platform is generally designated by reference number 200, and hardware in logical partitioned platform 200 may be implemented as, for example, distributed computing system 100 in FIG. 1.

Logical partitioned platform 200 includes partitioned hardware 230; operating systems 202, 204, 206 and 208; and partition management firmware (platform firmware) 210. Operating systems 202, 204, 206 and 208 are located in partitions 203, 205, 207 and 209, respectively; and may be multiple copies of a single operating system or multiple heterogeneous operating systems simultaneously run on logical partitioned platform 200. These operating systems may be implemented using OS/400, which is designed to interface with partition management firmware 210. OS/400 is intended only as one example of an implementing operating system, and it should be understood that other types of operating systems, such as AIX and Linux, may also be used, depending on the particular implementation.

An example of partition management software that may be used to implement partition management firmware 210 is Hypervisor software available from International Business Machines Corporation. Firmware is “software” stored in a memory chip that holds its content without electrical power, such as, for example, read-only memory (ROM), programmable ROM (PROM), erasable programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), and nonvolatile random access memory (nonvolatile RAM).

Partitions 203, 205, 207 and 209 also include partition firmware 211, 213, 215 and 217, respectively. Partition firmware 211, 213, 215 and 217 may be implemented using initial boot strap code, IEEE-1275 Standard Open Firmware, and runtime abstraction software (RTAS), which is available from International Business Machines Corporation. When partitions 203, 205, 207 and 209 are instantiated, a copy of boot strap code is loaded onto partitions 203, 205, 207 and 209 by platform firmware 210. Thereafter, control is transferred to the boot strap code with the boot strap code then loading the open firmware and RTAS. The processors associated or assigned to the partitions are then dispatched to the partition's memory to execute the partition firmware.

Partitioned hardware 230 includes a plurality of processors 232, 234, 236 and 238; a plurality of system memory units 240, 242, 244 and 246; a plurality of IOAs 248, 250, 252, 254, 256, 258, 260 and 262; storage unit 270 and Non-Volatile Random Access Memory (NVRAM) storage unit 298. Each of the processors 232-238, memory units 240-246, storage 270 and NVRAM storage 298, and IOAs 248-262, or parts thereof, may be assigned to one of multiple partitions within logical partitioned platform 200, each of which corresponds to one of operating systems 202, 204, 206 and 208.

Partition management firmware 210 performs a number of functions and services for partitions 203, 205, 207 and 209 to create and enforce the partitioning of logical partitioned platform 200. Partition management firmware 210 is a firmware implemented virtual machine identical to the underlying hardware. Thus, partition management firmware 210 allows the simultaneous execution of independent OS images 202, 204, 206 and 208 by virtualizing the hardware resources of logical partitioned platform 200.

Service processor 290 may be used to provide various services, such as processing platform errors in the partitions. These services may also include acting as a service agent to report errors back to a vendor, such as International Business Machines Corporation.

Operations of the different partitions may be controlled through hardware management console hardware management console 280. Hardware management console 280 is a separate distributed computing system from which a system administrator may perform various functions including reallocation of resources to different partitions.

In a logical partitioned (LPAR) environment, it is not permissible for resources or programs in one partition to affect operations in another partition. Furthermore, to be useful, the assignment of resources needs to be fine-grained. For example, it is often not acceptable to assign all IOAs under a particular PCI Host Bridge (PHB) to the same partition, as that will restrict configurability of the system, including the ability to dynamically move resources between partitions.

Accordingly, some functionality is needed in the bridges that connect IOAs to the I/O bus so as to be able to assign resources, such as individual IOAs or parts of IOAs to separate partitions; and, at the same time, prevent the assigned resources from affecting other partitions such as by obtaining access to resources of the other partitions.

With reference now to FIG. 3, a diagram that illustrates a multi-root computing system interconnected through multiple bridges or switches is depicted according to an exemplary embodiment of the present invention. The system is generally designated by reference number 300. The mechanism presented in this description includes a new field, referred to herein as a Destination ID (DID) field. This DID field is part of a PCI Express packet. The DID number (DID#) field could be one of the following: a physical DID field, a virtual DID (e.g., a Virtual Entity ID), or another kind of label devised to identify the different devices connected through a PCI I/O fabric.

Furthermore, FIG. 3 illustrates the concept of a PCI fabric that supports multiple roots through the use of multiple bridges or switches. The configuration consists of a plurality of host CPU sets 301, 302 and 303, each containing a single or a plurality of system images (SIs). In the configuration illustrated in FIG. 3, host CPU set 301 contains two SIs 304 and 305, host CPU set 302 contains SI 306 and host CPU 303 contains SIs 307 and 308. These systems interface to the I/O fabric through their respective RCs 309, 310 and 311. Each RC can have one port, such as RC 310 or 311, or a plurality of ports, such as RC 309 which has two ports 381 and 382. Host CPU sets 301, 302 and 303 along with their corresponding RCs will be referred to hereinafter as root nodes 301, 302 and 303.

Each root node is connected to a root port of a multi root aware bridge or switch, such as multi root aware bridge or switches 322 and 327. As shown in FIG. 3, root nodes 301, 302 and 303 are connected to root ports 353, 354 and 355, respectively, of multi root aware bridge or switch 322; and root node 301 is further connected to multi root aware bridge or switch 327 at root port 380. A multi root aware bridge or switch, by way of this invention, provides the configuration mechanisms necessary to discover and configure a multi root PCI fabric.

The ports of a bridge or switch, such as multi root aware bridge or switch 322, 327 or 331, can be used as upstream ports, downstream ports, or both upstream and downstream ports, where the definition of upstream and downstream is as described in PCI Express Specifications. In FIG. 3, ports 353, 354, 355, 359, and 380 are upstream ports, ports 357, 360, 361, 362, and 363 are downstream ports. However, when using the DID based routing mechanism described herein, the direction is not necessarily relevant, as the hardware does not care which direction the transaction is heading since it routes the transaction using the unique DID number associated with each destination.

The ports configured as downstream ports are used to attach to adapters or to the upstream port of another bridge or switch. In FIG. 3, multi root aware bridge or switch 327 uses downstream port 360 to attach IO Adapter 342, which has two virtual IO adapters or virtual IO resources 343 and 344. Similarly, multi root aware bridge or switch 327 uses downstream port 361 to attach IO Adapter 345, which has three virtual IO adapters or virtual IO resources 346, 347 and 348. Multi root aware bridge or switch 322 uses downstream port 357 to attach to port 359 of multi root aware bridge or switch 331. Multi root aware bridge or switch 331 uses downstream ports 362 and 363 to attach IOA 349 and IOA 352, respectively.

The ports configured as upstream ports are used to attach a RC. In FIG. 3, multi root aware switch 327 uses upstream port 380 to attach to port 381 of root 309. Similarly, multi root aware switch 322 uses upstream port 353, 354 and 355 to attach to port 382 of root 309, root 310's single port and root 311's single port.

In the exemplary embodiment illustrated in FIG. 3, IOA 342 is a virtualized IOA with its function 0 (F0) 343 assigned and accessible to SI1 304, and its function 1 (F1) 344 assigned and accessible to SI2 305. In a similar manner, IOA 345 is a virtualized IOA with its function 0 (F0) 346 assigned and accessible to SI3 306, its function 1 (F1) 347 assigned and accessible to SI4 307, and its function 3 (F3) assigned to SI5 308. IOA 349 is a virtualized IOA with its F0 350 assigned and accessible to SI2 305, and its F1 351 assigned and accessible to SI4 307. IOA 352 is a single function IOA assigned and accessible to SI5 308.

FIG. 3 also illustrates where the mechanisms for DID based routing would reside according to an exemplary embodiment of the present invention; however, it should be understood that other components within the configuration could also store whole or parts of DID routing tables without departing from the essence of the invention. In FIG. 3, DID routing mechanisms 391, 392, and 393 are shown to be located in bridges or switches 327, 322 and 331, respectively. These mechanisms consist of tables and associations that will be further described hereinafter.

I/O transactions from System Images to Adapters and vice versa are routed using the Destination ID field as follows: a bridge or switch uses DID to look-up egress bridge or switch port (through association of the DID to bridge or switch port in the DIDRT; and transfers a packet (unchanged) through the egress bridge or switch port. Each end-to-end association can have its own PCI Bus Memory Address Space, because the bridges or switches do not use the address for routing.

FIG. 4 is a diagram that schematically illustrates a Destination ID Validation Table and a Destination ID Routing Table and their association with a PCI Express packet according to an exemplary embodiment of the present invention. As shown, the present invention defines an additional field, the DID#, which defines which device to access. The DID# is assigned by the configuration manager, which is a trusted program, at fabric configuration time, and is remembered by the hardware and automatically appended by the hardware on each I/O transaction. The PCI Express I/O transaction packet also has an address that identifies which PCI address to access in the targeted device. The DID# is used in conjunction with DID Routing Tables (DIDRTs) in bridges, switches and/or other components to send PCI Express packages to the correct destination. The DIDRT has a number of entries that associate each DID# in the distributed computing system with the bridge or switch port that the packet should be sent to, in order for the packet to reach the correct destination. A DID Validation Table is also shown in FIG. 4. This table is used to list which BDF# (source) can access a specific device associated with a DID (destination). The BDF# is a field that identifies the source of a transaction by the Bus, Device and Function values. The table provides a way of ensuring that only virtual entities (adapters, IOAs) that are allowed to access a specific system image can do so (and vice versa).

FIG. 5 is a diagram that schematically illustrates two examples of a PCI Express transaction according to an exemplary embodiment of the present invention. The PCI Express transaction is generally designated by reference number 500 and includes transaction layer 520 or 523, data link layer 521 or 524, and physical layer 522 or 525. The fields that are contained in each layer are shown delimited by the arrows in FIG. 5.

The transaction is framed by framing field 501 and 508, or 511 and 518. The sequence number field 502 or 512 is part of the data link layer and keeps transactions in order. The header field 504 or 514 is part of the transaction layer and contains information about the transaction. The data phase 505 or 515 contains the data, when there is any, in the transaction. The end to end CRC (ECRC) 506 or 516 provides an end to end check on the transaction data and header. Link CRC (LCRC) 507 provides a link level data integrity check.

The DID number field can be inserted outside the transaction layer or inside the transaction layer. FIG. 5 illustrates DID number field 503 inserted outside transaction layer 520, and DID number field 513 inserted inside transaction layer 523. In the former case, the DID number field will not be covered by the ECRC data integrity check. In the latter case, the DID number will be covered by the ECRC.

FIG. 6 illustrates a PCI configuration header according to an exemplary embodiment of the present invention. The PCI configuration header is generally designated by reference number 600, and PCI Express starts its extended capabilities 602 at a fixed address in PCI configuration header 600. These can be used to determine if the PCI component is a multi-root aware PCI component and if the device supports DID-based routing. If the PCI Express extended capabilities 602 has multi-root aware bit set 603 and DID based routing supported bit 604 then the DID# for the device can be stored in 605 in the PCI Express Extended Capabilities area. It should be understood, however, that the present invention is not limited to the herein described scenario where the PCI extended capabilities are used to define the DID. Any other field could be redefined or reserved fields used for the Destination ID field implementation on other specifications for PCI.

FIG. 7 is a diagram that schematically illustrates the operation of a Memory to Destination ID Translation Table according to an exemplary embodiment of the present invention. The Memory to DID Translation Table is included in bridges or switches for use when an incoming PCIe data packet does not contain a DID#. In particular, if an incoming PCIe data packet such as data packet 710 does not include a DID#, the memory address 712 in the packet is used to look up the DID# in the Memory to DID Translation Table 720 and obtain the DID# from the table, as schematically illustrated at 730, in order to identify which port in the bridge or switch is associated with the DID# in the DID Routing Table.

The same mechanism that is used for looking up a DID based on address can also be used in the RC for MMIO (memory mapped I/O) Load/Store instruction packet generation from the processor (address only) to the I/O fabric (DID and address).

FIG. 8 is a flowchart that illustrates a method for address routing in a distributed computing system that uses PCI Express protocol to communicate over an I/O fabric according to an exemplary embodiment of the present invention. The method is generally designated by reference number 800, and begins by obtaining the DID#, memory address and BDF# from an incoming PCI Express packet (Step 802). A determination is made whether, in fact, the incoming packet has a DID# (Step 804). If the incoming packet does have a DID# (Yes output of Step 804), the DID# is looked up in a DID Validation Table (Step 806), and a determination is made whether the BDF# in the PCI Express packet is one of the BDF#s associated with the DID# entry in the DIDVT (Step 808). If the BDF# in the PCI Express packet is not one of the BDF#s associated with the DID# in the DIDVT (No output of Step 808), an error is determined to have occurred in that the packet is attempting to access a device that it has not been authorized to access (Step 810). The packet is dropped (not routed to any destination) and the process ends (Step 812).

If the BDF# in the PCIe packet is one of the BDF#s associated with the DID# in the DIDVT (Yes output of Step 808), a lookup is performed to identify which port in a bridge or switch is associated with the DID# in the DID Routing Table (Step 814). Meanwhile, if the incoming packet does not have a DID# (No output of Step 804), the memory address is used to look up the DID# in the bridge or switch Memory to DID Translation Table to obtain the DID# (Step 830), and the lookup is then performed to identify which port in a bridge or switch is associated with the DID# in the DID Routing Table (Step 814).

Following the look up in Step 814, a determination is made whether the outgoing port is DID aware (i.e. supports DID routing) (Step 816). If the outgoing port is aware (Yes output of Step 816), the DID is placed in the packet header and the packet is placed into a queue for the port associated with the DID in the DIDRT (Step 818). The packet then continues DID routing in the next bridge or switch until a final destination is reached (Step 820), and the method ends (Step 812).

If the outgoing port is not aware (No output of Step 816), the DID# is stripped out and the method continues with address base routing (Step 822), and a determination is made whether the DID# is in the TLP (Step 824). If the DID# is in the TLP (Yes output of Step 824), the ECRC is recalculated (Step 826), and the method ends (Step 812). If the DID# is not in the TLP (No output of Step 824), the method ends (Step 812). In the particular case where the path goes through steps 830 and 818 (the case where there is no incoming DID but there is a DID inserted on the outgoing packet, then the ECRC must be recalculated as shown in Step 818 in FIG. 8.

The present invention thus provides a method and system for address routing in a distributed computing system, such as a distributed computing system that uses PCI Express protocol to communicate over an I/O fabric. A destination identifier is provided in a transaction packet to identify a physical or virtual end point. When a physical or virtual end point receives the transaction packet it compares a list of source identifiers with destination identifiers to determine if a source identifier included in the transaction packet is associated with the destination identifier included in the transaction packet to determine if the transaction packet has a valid association. If the transaction packet has a valid association, it is routed to the target device. The present invention enables each host that attaches to PCI bridges or switches and shares a set of common PCI devices to have it's own PCI 64-bit address space.

The invention can take the form of an entirely hardware embodiment or an embodiment containing both hardware and software elements. In a preferred embodiment, the invention is implemented using both hardware and software, which includes but is not limited to firmware, resident software, microcode, etc. Furthermore, the invention can take the form of a computer program product accessible from a computer-usable or computer-readable medium providing program code for use by or in connection with a computer or any instruction execution system. For the purposes of this description, a computer-usable or computer readable medium can be any apparatus that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.

The medium can be an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system (or apparatus or device) or a propagation medium. Examples of a computer-readable medium include a semiconductor or solid state memory, magnetic tape, a removable computer diskette, a random access memory (RAM), a read-only memory (ROM), a rigid magnetic disk and an optical disk. Current examples of optical disks include compact disk-read only memory (CD-ROM), compact disk-read/write (CD-R/W) and DVD.

A data processing system suitable for storing and/or executing program code will include at least one processor coupled directly or indirectly to memory elements through a system bus. The memory elements can include local memory employed during actual execution of the program code, bulk storage, and cache memories which provide temporary storage of at least some program code in order to reduce the number of times code must be retrieved from bulk storage during execution.

Input/output or I/O devices (including but not limited to keyboards, displays, pointing devices, etc.) can be coupled to the system either directly or through intervening I/O controllers.

Network adapters may also be coupled to the system to enable the data processing system to become coupled to other data processing systems or remote printers or storage devices through intervening private or public networks. Modems, cable modem and Ethernet cards are just a few of the currently available types of network adapters.

The description of the present invention has been presented for purposes of illustration and description, and is not intended to be exhaustive or limited to the invention in the form disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art. The embodiment was chosen and described in order to best explain the principles of the invention, the practical application, and to enable others of ordinary skill in the art to understand the invention for various embodiments with various modifications as are suited to the particular use contemplated. 

1.-10. (canceled)
 11. An address routing system in a distributed computing system for routing a transaction packet to a target device, comprising: a transaction packet comprising at least a source identifier that identifies a source of a transaction by a bus value, a device value, and a function value, and a memory address that identifies a Peripheral Component Interconnect address to access in a target device; a mechanism for determining if the transaction packet includes a destination identifier that identifies the target device to be accessed by the transaction packet, wherein a destination identifier is automatically inserted into a transaction packet by hardware on each Input/Output transaction; responsive to a determination that the transaction packet includes a destination identifier, a mechanism for retrieving a record from a validation table using the destination identifier included in the transaction packet; responsive to a determination that the transaction packet does not include a destination identifier, a mechanism for retrieving a destination identifier from a translation table using the memory address included in the transaction packet to lookup the destination identifier, for retrieving the record from the validation table using the destination identifier retrieved from the translation table, and for inserting the destination identifier retrieved from the translation table into the transaction packet; a comparing mechanism for determining if the source identifier included in the transaction packet is associated with the destination identifier using the record from the validation table, wherein the validation table contains a record for each of a plurality of destination identifiers, and wherein the record for each of the plurality of destination identifiers indicates all associated source identifiers for one of the plurality of the destination identifiers; responsive to a determination that the source identifier included in the transaction packet is associated with the destination identifier, a mechanism for retrieving at least one port that is associated with the destination identifier using at least one routing table to look up the at least one port, wherein a bridge or switch contains a routing table and one port of the at least one port, and wherein each port of the at least one port is used to reach the target device; a mechanism for determining if the at least one port is destination identifier aware, wherein a port is destination identifier aware by supporting destination identifier routing; responsive to a determination that the at least one port is destination identifier aware, a mechanism for placing the transaction packet in a queue for the at least port; a routing mechanism for routing the transaction packet using the at least one port, wherein the transaction packet is routed to the target device through at least one bridge or switch of the at least one port, wherein the transaction packet is authorized to access the target device if the validation table indicates that the source identifier included in the transaction packet is associated with the destination identifier.
 12. The system according to claim 11, wherein the routing mechanism includes preventing access to the target device in response to a determination that the source identifier included in the transaction packet is not associated with the destination identifier.
 13. (canceled)
 14. The system according to claim 11, and further including: removing the destination identifier from the transaction packet in response to a determination that the at least one port is not destination identifier aware.
 15. The system according to claim 11, and further including: recalculating the ECRC data integrity check in response to a determination that the transaction packet includes a destination identifier.
 16. The system according to claim 11, wherein the target device comprises one of an Input/Output Adapter, a virtual Input/Output Adapter or a system image.
 17. The system according to claim 11, wherein the distributed computing system comprises a distributed computing system that uses Peripheral Component Interconnect Express protocol.
 18. A computer program product comprising: a computer usable storage medium having encoded thereon computer usable program code executed on a computer for routing a transaction packet in a distributed computing system, the computer program product including: computer usable program code configured for receiving a transaction packet comprising at least a source identifier that identifies a source of a transaction by a bus value, a device value, and a function value, and a memory address that identifies a Peripheral Component Interconnect address to access in a target device; computer usable program code configured for determining if the transaction packet includes a destination identifier that identifies the target device to be accessed by the transaction packet, wherein a destination identifier is automatically inserted into a transaction packet by hardware on each Input/Output transaction; responsive to a determination that the transaction packet includes a destination identifier, computer usable program code configured for retrieving a record from a validation table using the destination identifier included in the transaction packet; responsive to a determination that the transaction packet does not include a destination identifier, computer usable program code configured for retrieving a destination identifier from a translation table using the memory address included in the transaction packet to lookup the destination identifier, retrieving the record from the validation table using the destination identifier retrieved from the translation table, and inserting the destination identifier retrieved from the translation table into the transaction packet; computer usable program code configured for determining if the source identifier included in the transaction packet is associated with the destination identifier using the record from the validation table, wherein the validation table contains a record for each of a plurality of destination identifiers, and wherein the record for each of the plurality of destination identifiers indicates all associated source identifiers for one of the plurality of the destination identifiers; responsive to a determination that the source identifier included in the transaction packet is associated with the destination identifier, computer usable program code configured for retrieving at least one port that is associated with the destination identifier using at least one routing table to look up the at least one port, wherein a bridge or switch contains a routing table and one port of the at least one port, and wherein each port of the at least one port is used to reach the target device; computer usable program code configured for determining if the at least one port is destination identifier aware, wherein a port is destination identifier aware by supporting destination identifier routing; responsive to a determination that the at least one port is destination identifier aware, computer usable program code configured for placing the transaction packet in a queue for the at least port; computer usable program code configured for routing the transaction packet using the at least one port, wherein the transaction packet is routed to the target device through at least one bridge or switch of the at least one port, wherein the transaction packet is authorized to access the target device if the validation table indicates that the source identifier included in the transaction packet is associated with the destination identifier.
 19. The computer program product according to claim 18, wherein the computer program product further comprises: computer usable program code configured for preventing access to the target device in response to a determination that the source identifier included in the transaction packet is not associated with the destination identifier.
 20. The computer program product according to claim 18, wherein the computer program product further comprises: computer usable program code configured for removing the destination identifier from the transaction packet in response to a determination that the at least one port is not destination identifier aware.
 21. The computer program product according to claim 18, and further including: computer usable program code configured for recalculating the ECRC data integrity check in response to a determination that the transaction packet includes a destination identifier. 